The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy
laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach
data privacy. The enforcement date of GDPR is 25 May 2018.

Comet can be part of your GDPR compliant backup offering, however you will have to ensure that you fulfil your own GDPR obligations as well.
It maybe advantageous to engage a GDPR consultant or agency to ensure your compliance.

What aspects of using Comet will help with providing a GDPR compliant backup offering? ¶

Encryption: Comet always encrypts all user data before storing it. It remains encrypted during transfer and also at rest in the storage
destination, even in a scenario where the storage destination is compromised the data remains unreadable.
Technical details about our encryption can be found here.

Server and Storage Locations: For Comet Enterprise as this is a self-hosted and managed product that you control, you can choose where
your server and storage destinations are located and what security measures you have in place. CometGo! Server and it's attached storage
are hosted on Amazon AWS EC2 & Object Storage platforms in the region you selected upon signup.
More information is available here about the cloud security measures Amazon has in place.

Access: If you are using Comet Enterprise, only you can access your Comet server and grant/create additional system users. If you are using CometGo! we respect the privacy and security of your server instance. In the unlikely event that Comet Backup staff would require direct access your Comet Server instance, your consent will be sought first and this access will only be undertaken if consent is granted by you.

Removal of data: In both Comet Enterprise and Go! you have total control over the data including deletion options if a customer requests it from you.

The only information that is transmitted back to us from your Comet Server is basic information in order to validate your server serial number and aggregate information for licensing and billing purposes.

Where can I find more information about the handling of Personal Data, Privacy Policy and Data Processing? ¶